Now we know the NSA blew the black budget breaking crypto, how can you defend yourself?

Well, obviously, we need to get Congress to start imposing adult supervision on the NSA, but until that happens, there are some relatively simple steps you can take to protect yourself.

Yesterday, Alex Halderman and Nadia Heninger won the prize for best paper at the ACM Conference on Computer and Communications Security for "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice," a paper co-authored with a dozen eminent cryptographers, in which they make the case that the NSA has probably spent an appreciable fraction of their "black budget" (whose size was revealed by the Snowden revelations) attacking some standardized prime numbers that were naively used by programmers for Diffie-Hellman key-exchange in standard cryptographic suites.

This really is very bad news, because it means that the NSA has discovered a critical vulnerability in the technology that defends everything from your medical implant to your car's steering and brakes, and they kept it a secret, so that other entities with the budget to replicate their feat (or with the nous to steal the secrets from the NSA) can attack you. Of course, it also means that you're liable to be attacked by the NSA, who have aided US domestic intelligence in targeting groups over everything from advocating against invading other countries or building oil pipelines to just worshiping at a non-Christian temple.

"Imperfect Forward Secrecy" will resound through the security world, and we can expect that vendors will begin to take steps to fix things. But until they do, there are some measures you can take to protect yourself, by removing the weak forms of Diffie-Hellman key-exchange from the list of methods used by your browser, SSH client and VPN software.
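For the SSH client case, here is an added Python example (not from the original post or the paper) that audits an OpenSSH client config for key-exchange methods tied to a 1024-bit standardized prime. The sample config and host names are constructed, and treating a `Match` line as a plain context label is a simplifying assumption.

```python
import re

# Fixed-group SSH kex methods -> bits of the standardized prime (RFC 4253).
FIXED_GROUP_BITS = {
    "diffie-hellman-group1-sha1": 1024,
    "diffie-hellman-group14-sha1": 2048,
}
GEX_PREFIX = "diffie-hellman-group-exchange-"  # modulus is picked by the server

def classify(alg):
    """Return 'weak', 'server-dependent' or 'ok' for one kex method name."""
    bits = FIXED_GROUP_BITS.get(alg)
    if bits is not None and bits <= 1024:
        return "weak"
    if alg.startswith(GEX_PREFIX):
        return "server-dependent"
    return "ok"

def audit_ssh_config(text):
    """Return (context, method, verdict) for enabled non-'ok' methods; a '-' list only removes."""
    findings, context = [], "*"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key in ("host", "match"):
            context = value
        elif key == "kexalgorithms" and not value.startswith("-"):
            for alg in map(str.strip, value.lstrip("+^").split(",")):
                if classify(alg) != "ok":
                    findings.append((context, alg, classify(alg)))
    return findings

# Constructed sample config (hypothetical host names), not taken from the page.
SAMPLE = """\
Host legacy-router
    KexAlgorithms +diffie-hellman-group1-sha1
Host *.example.org
    KexAlgorithms curve25519-sha256,diffie-hellman-group-exchange-sha256
Host *
    KexAlgorithms -diffie-hellman-group14-sha1
"""

if __name__ == "__main__":
    print(*audit_ssh_config(SAMPLE), sep="\n")
```

A "server-dependent" verdict means the client accepts whatever group the server proposes, so the modulus size has to be checked on the server side as well.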

The Electronic Frontier Foundation's Joseph Bonneau and Bill Budington have published an excellent, straightforward guide to hardening your Mac, Windows or GNU/Linux system. Do it today -- I just did.

How to Protect Yourself from NSA Attacks on 1024-bit DH
[Joseph Bonneau and Bill Budington/EFF]

